Bug 1594343 - [RFE] RHV SSH Credentials file input takes any file format (.pdf, .jpeg, etc.)
Summary: [RFE] RHV SSH Credentials file input takes any file format (.pdf, .jpeg, etc.)
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat CloudForms Management Engine
Classification: Red Hat
Component: UI - OPS
Version: 5.9.0
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: GA
: 5.10.10
Assignee: Martin Maroši
QA Contact: Kedar Kulkarni
Red Hat CloudForms Documentation
URL:
Whiteboard: v2v
Depends On:
Blocks:
 
Reported: 2018-06-22 16:52 UTC by Kedar Kulkarni
Modified: 2019-08-22 08:09 UTC (History)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-08-22 08:09:35 UTC
Category: ---
Cloudforms Team: V2V
Target Upstream Version:
Embargoed:
kkulkarn: automate_bug-
mfeifer: mirror+


Attachments (Terms of Use)
Screenshot (38.75 KB, image/png)
2018-06-22 16:52 UTC, Kedar Kulkarni
no flags Details


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 1586085 0 high CLOSED [RFE] Add SSH credentials to the oVirt Manager 2021-02-22 00:41:40 UTC

Internal Links: 1586085

Description Kedar Kulkarni 2018-06-22 16:52:43 UTC
Created attachment 1453783 [details]
Screenshot

Description of problem:
RHV SSH Credentials file input takes any file format (.pdf, .jpeg, etc.); we should add some kind of validation around it.

Version-Release number of selected component (if applicable):
master.20180621230811_8e109d6

How reproducible:
100%

Steps to Reproduce:
1. Navigate to Add infra provider form
2. Select Red Hat Virtualization
3. Select RSA Key Pair tab
4. Upload any kind of file to New Private key Input

Actual results:
I can upload anything, see screenshot

Expected results:
Should have some validation to make sure only a key file can be uploaded

Additional info:

Comment 2 Ilanit Stein 2018-07-02 14:10:30 UTC
For OpenStack, there is no validation for the "RSA key pair" either
(not for the key structure, and not for the connection).

In OpenStack the "RSA key pair" is used for nodes SmartStateAnalysis -
after the SSA task is finished, in the Node summary page, under Authentication,
it is mentioned that "ssh key pair validated".

Comment 3 Kedar Kulkarni 2018-07-02 15:55:38 UTC
This issue is present on 5.10.0.2 as well

Comment 5 Kedar Kulkarni 2018-10-02 17:23:25 UTC
https://github.com/ManageIQ/manageiq-v2v/issues/679

Comment 7 Martin Maroši 2019-08-22 08:09:35 UTC
This is not a bug.

SSH keys do not have any file type. That prevents us from filtering the upload options to specific file types (like you can do when uploading images). You can even store your ssh key in a file with a .jpeg extension without any problem.

Another issue is that there are many formats of ssh keys across all the providers we support. And these can change.

Public keys have a specific prefix in the file content (ssh-rsa the rest of the key goes here) so we could technically read the file content, but that only applies to public keys, not private keys. Also, the UI is not the only place where the user can add credentials. You can also do it via the API, so we would have to duplicate the code, which would not even cover all of the use cases. So if this is a bug, the UI should not be the place where we start fixing it.

Because of this we have to allow upload of any file type.

So to prevent storage of invalid file types, users have to first validate the credentials. That is the most effective validation you can have for this use case.

I will close this one, but if you have a different opinion, please provide more arguments why it should be done and re-open this issue.
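
The thread turns on two points: the file name says nothing about the content, and any check has to live in a code path shared by the UI and the API. As an added example (not ManageIQ code), this Ruby check classifies an upload from its bytes alone; the function names, the list of armor labels and the size limit are assumptions made for the illustration.

```ruby
require "base64"

# Labels accepted inside "-----BEGIN <label>-----" armor. This list is an
# assumption for the example; providers may use other formats.
PRIVATE_LABELS = ["RSA PRIVATE KEY", "EC PRIVATE KEY", "DSA PRIVATE KEY",
                  "PRIVATE KEY", "ENCRYPTED PRIVATE KEY",
                  "OPENSSH PRIVATE KEY"].freeze
ARMOR = /\A-----BEGIN ([A-Z ]+)-----\r?\n(.+?)\r?\n-----END \1-----\s*\z/m
MAX_BYTES = 64 * 1024 # hypothetical upper bound for an uploaded key

# Returns :private_key, :public_key or :unknown from content alone.
def classify_ssh_key(data)
  data = data.to_s.dup.force_encoding(Encoding::BINARY)
  return :unknown if data.empty? || data.bytesize > MAX_BYTES
  return :private_key if private_key?(data)
  return :public_key if public_key?(data)
  :unknown
end

def private_key?(data)
  m = ARMOR.match(data.strip) or return false
  label, body = m[1], m[2]
  return false unless PRIVATE_LABELS.include?(label)
  # Legacy encrypted PEM carries "Proc-Type:"/"DEK-Info:" header lines.
  b64 = body.lines.reject { |l| l.include?(":") }.join.gsub(/\s+/, "")
  raw = Base64.strict_decode64(b64)
  if label == "OPENSSH PRIVATE KEY"
    raw.start_with?("openssh-key-v1\0") # magic of the OpenSSH key format
  else
    raw.getbyte(0) == 0x30 # DER SEQUENCE tag
  end
rescue ArgumentError # body was not valid base64
  false
end

def public_key?(data)
  type, b64 = data.strip.split(/\s+/, 3)
  return false unless type && b64 && type.match?(/\A[a-z0-9@.\-]+\z/)
  raw = Base64.strict_decode64(b64)
  len = raw.unpack1("N")
  # The blob starts with a length-prefixed copy of the key type.
  !len.nil? && raw.byteslice(4, len) == type
rescue ArgumentError
  false
end
```

A structural match only shows that the upload looks like a key; whether the host accepts it is still decided by validating the credentials.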

